urlscan.io logo urlscan.io
SecurityTrails logo

accounts.us.crown.com Open in urlscan Pro
2606:4700::6813:a818  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://customer.crown.com/
Effective URL: https://accounts.us.crown.com/u/login/identifier?state=hKFo2SBzLWdwT1F6eG9Lc1NTZHgtZm83ZnJnckdOZXhhWFF0UqFur3VuaXZlcnNhbC1sb2d...
Submission: On October 24 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2606:4700::6813:a818, located in United States and belongs to CLOUDFLARENET, US. The main domain is accounts.us.crown.com. The Cisco Umbrella rank of the primary domain is 492040.
TLS certificate: Issued by E1 on October 24th 2023. Valid for: 3 months.
This is the only time accounts.us.crown.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 11 192.69.21.74 21729 (CROWN-EQU...)
2 2600:9000:212... 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 193.158.69.70 3320 (DTAG Inte...)
1 141.193.213.10 209242 (CLOUDFLAR...)
12 5
11    192.69.21.74 (United States)

ASN21729 (CROWN-EQUIPMENT, US)
customer.crown.com
2    2600:9000:2127:3800:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
2    2606:4700::6813:a818 (United States)

ASN13335 (CLOUDFLARENET, US)
accounts.us.crown.com
1    193.158.69.70 (Munich, Germany)

ASN3320 (DTAG Internet service provider operations, DE)
www.crown.com
1    141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
framella.com
Apex Domain
Subdomains		 Transfer
14 crown.com
customer.crown.com — Cisco Umbrella Rank: 324119
accounts.us.crown.com — Cisco Umbrella Rank: 492040
www.crown.com — Cisco Umbrella Rank: 321878
2 MB
2 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 7991
114 KB
1 framella.com
framella.com — Cisco Umbrella Rank: 689794
27 KB
12 3
Domain Requested by
11 customer.crown.com 4 redirects customer.crown.com
2 accounts.us.crown.com 1 redirects customer.crown.com
2 cdn.auth0.com customer.crown.com
accounts.us.crown.com
1 framella.com accounts.us.crown.com
1 www.crown.com accounts.us.crown.com
12 5

This site contains links to these domains. Also see Links.

Domain
www.crown.com
Subject Issuer Validity Valid
customer.crown.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-18 -
2023-11-18		 a year crt.sh
*.auth0.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-03-24		 a year crt.sh
accounts.us.crown.com
E1		 2023-10-24 -
2024-01-22		 3 months crt.sh
www.crown.com
DigiCert SHA2 Extended Validation Server CA		 2023-02-14 -
2024-03-06		 a year crt.sh
framella.com
Cloudflare Inc ECC CA-3		 2023-04-05 -
2024-04-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://accounts.us.crown.com/u/login/identifier?state=hKFo2SBzLWdwT1F6eG9Lc1NTZHgtZm83ZnJnckdOZXhhWFF0UqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHlkaGtvVjB6V0RMYkNyeWRhMmpuNk9EOVRfQ0gwNENpo2NpZNkgTW1JNW1KdVBUcHppYWVqdkZDR2RWYnNyd2ZVM281aTI
Frame ID: E8336C9048AFA20DC615BD0C51E172EB
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In | Crown Equipment Corporation

Page URL History Show full URLs

  1. https://customer.crown.com/ HTTP 302
    https://customer.crown.com/c/portal/login?redirect=%2F&p_l_id=2433906 HTTP 302
    https://customer.crown.com/sso/?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirec... HTTP 302
    https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fre... Page URL
  2. https://customer.crown.com/sso/clientredirect?client_name=Auth0&service=https%3A%2F%2Fcustomer.crown.co... HTTP 302
    https://accounts.us.crown.com/authorize?scope=openid+profile+email&response_type=code&redirect_uri=https%3... HTTP 302
    https://accounts.us.crown.com/u/login/identifier?state=hKFo2SBzLWdwT1F6eG9Lc1NTZHgtZm83ZnJnckdOZXhhWFF0UqF... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/material(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

40 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

1806 kB
Transfer

2166 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://customer.crown.com/ HTTP 302
    https://customer.crown.com/c/portal/login?redirect=%2F&p_l_id=2433906 HTTP 302
    https://customer.crown.com/sso/?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906 HTTP 302
    https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906 Page URL
  2. https://customer.crown.com/sso/clientredirect?client_name=Auth0&service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906 HTTP 302
    https://accounts.us.crown.com/authorize?scope=openid+profile+email&response_type=code&redirect_uri=https%3A%2F%2Fcustomer.crown.com%2Fsso%2Flogin%2FAuth0&state=TST-146321-USRR1Z3J9GqelxKFHG93zda6M-KhLUjE&code_challenge_method=S256&client_id=MmI5mJuPTpziaejvFCGdVbsrwfU3o5i2&code_challenge=v2SFOgnS4UOFf7kYkl-CVXXij0TjaibeRCHLWRPnejU HTTP 302
    https://accounts.us.crown.com/u/login/identifier?state=hKFo2SBzLWdwT1F6eG9Lc1NTZHgtZm83ZnJnckdOZXhhWFF0UqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHlkaGtvVjB6V0RMYkNyeWRhMmpuNk9EOVRfQ0gwNENpo2NpZNkgTW1JNW1KdVBUcHppYWVqdkZDR2RWYnNyd2ZVM281aTI Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://customer.crown.com/ HTTP 302
  • https://customer.crown.com/c/portal/login?redirect=%2F&p_l_id=2433906 HTTP 302
  • https://customer.crown.com/sso/?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906 HTTP 302
  • https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login
customer.crown.com/sso/
Redirect Chain
  • https://customer.crown.com/
  • https://customer.crown.com/c/portal/login?redirect=%2F&p_l_id=2433906
  • https://customer.crown.com/sso/?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
  • https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
13 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.69.21.74 , United States, ASN21729 (CROWN-EQUIPMENT, US),
Reverse DNS
Software
Apache /
Resource Hash
733945756139bf6d6368c8e7bf485ef7dede989a3a6e3f3b3c052eb749b95cc9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=63072000 max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Content-Language
en
Content-Security-Policy
frame-ancestors 'self';
Content-Type
text/html;charset=UTF-8
Date
Tue, 24 Oct 2023 15:43:12 GMT
Expires
0
Keep-Alive
timeout=5, max=97
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=63072000 max-age=15768000 ; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Content-Language
en
Content-Length
0
Content-Security-Policy
frame-ancestors 'self';
Date
Tue, 24 Oct 2023 15:43:11 GMT
Expires
0
Keep-Alive
timeout=5, max=98
Location
/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=63072000 max-age=15768000 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.57.8/css/ 		227 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/ulp/react-components/1.57.8/css/main.cdn.min.css
Requested by
Host: customer.crown.com
URL: https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5574f65fc9530a594709afe2c2714ec0da178070bc64f4342132f408847857c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://customer.crown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:59:46 GMT
x-amz-version-id
sGE3yp8EZn2ZaHIvFzDRA3Dae.jsJry7
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
42208
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Fri, 01 Oct 2021 18:06:41 GMT
server
AmazonS3
etag
W/"ad01655c936e524d356d2bdc54322957"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2628000,public
x-robots-tag
noindex
x-amz-cf-id
knmWk3M9qVkejB2QpVzMtjllGNM4y4tDXDqqQ1qu5HUcarmwYuns3Q==
jquery.min.js
customer.crown.com/sso/webjars/jquery/3.6.0/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://customer.crown.com/sso/webjars/jquery/3.6.0/jquery.min.js
Requested by
Host: customer.crown.com
URL: https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.69.21.74 , United States, ASN21729 (CROWN-EQUIPMENT, US),
Reverse DNS
Software
Apache /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=63072000, max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 15:43:12 GMT
Strict-Transport-Security
max-age=63072000, max-age=15768000 ; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Fri, 01 Oct 2021 04:07:20 GMT
Server
Apache
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
89501
X-XSS-Protection
1; mode=block
es5-shim.js
customer.crown.com/sso/webjars/es5-shim/4.5.9/ 		83 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://customer.crown.com/sso/webjars/es5-shim/4.5.9/es5-shim.js
Requested by
Host: customer.crown.com
URL: https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.69.21.74 , United States, ASN21729 (CROWN-EQUIPMENT, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=63072000, max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 15:43:13 GMT
Strict-Transport-Security
max-age=63072000, max-age=15768000 ; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Fri, 01 Oct 2021 04:07:18 GMT
Server
Apache
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
84557
X-XSS-Protection
1; mode=block
css-vars-ponyfill.min.js
customer.crown.com/sso/webjars/css-vars-ponyfill/2.3.1/dist/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://customer.crown.com/sso/webjars/css-vars-ponyfill/2.3.1/dist/css-vars-ponyfill.min.js
Requested by
Host: customer.crown.com
URL: https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.69.21.74 , United States, ASN21729 (CROWN-EQUIPMENT, US),
Reverse DNS
Software
Apache /
Resource Hash
b7fc55ab62b81eb54ae01de81fee15005fc4f62859ad8c050d6eb1275c8525b7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=63072000, max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 15:43:13 GMT
Strict-Transport-Security
max-age=63072000, max-age=15768000 ; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Fri, 01 Oct 2021 04:07:18 GMT
Server
Apache
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
22494
X-XSS-Protection
1; mode=block
material-components-web.js
customer.crown.com/sso/webjars/material-components-web/12.0.0/dist/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://customer.crown.com/sso/webjars/material-components-web/12.0.0/dist/material-components-web.js
Requested by
Host: customer.crown.com
URL: https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.69.21.74 , United States, ASN21729 (CROWN-EQUIPMENT, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=63072000, max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 15:43:13 GMT
Strict-Transport-Security
max-age=63072000, max-age=15768000 ; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Fri, 19 Nov 2021 07:48:42 GMT
Server
Apache
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1453812
X-XSS-Protection
1; mode=block
cas.js
customer.crown.com/sso/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://customer.crown.com/sso/js/cas.js
Requested by
Host: customer.crown.com
URL: https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.69.21.74 , United States, ASN21729 (CROWN-EQUIPMENT, US),
Reverse DNS
Software
Apache /
Resource Hash
21d5ee6d569086c6dbad94c7b12b93a9103d304f92759c8b0793647e70d7ed07
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=63072000, max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 15:43:13 GMT
Strict-Transport-Security
max-age=63072000, max-age=15768000 ; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Mon, 17 Jan 2022 14:11:38 GMT
Server
Apache
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
7519
X-XSS-Protection
1; mode=block
material.js
customer.crown.com/sso/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://customer.crown.com/sso/js/material.js
Requested by
Host: customer.crown.com
URL: https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.69.21.74 , United States, ASN21729 (CROWN-EQUIPMENT, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=63072000, max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 15:43:13 GMT
Strict-Transport-Security
max-age=63072000, max-age=15768000 ; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self';
Server
Apache
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-Frame-Options
SAMEORIGIN
Content-Type
application/vnd.cas.services+yaml;charset=UTF-8
Transfer-Encoding
chunked
Content-Disposition
inline;filename=f.txt
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
X-XSS-Protection
1; mode=block
Primary Request identifier
accounts.us.crown.com/u/login/
Redirect Chain
  • https://customer.crown.com/sso/clientredirect?client_name=Auth0&service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
  • https://accounts.us.crown.com/authorize?scope=openid+profile+email&response_type=code&redirect_uri=https%3A%2F%2Fcustomer.crown.com%2Fsso%2Flogin%2FAuth0&state=TST-146321-USRR1Z3J9GqelxKFHG93zda6M-...
  • https://accounts.us.crown.com/u/login/identifier?state=hKFo2SBzLWdwT1F6eG9Lc1NTZHgtZm83ZnJnckdOZXhhWFF0UqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHlkaGtvVjB6V0RMYkNyeWRhMmpuNk9EOVRfQ0gwNENpo2NpZNkgTW1JNW1KdV...
26 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.us.crown.com/u/login/identifier?state=hKFo2SBzLWdwT1F6eG9Lc1NTZHgtZm83ZnJnckdOZXhhWFF0UqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHlkaGtvVjB6V0RMYkNyeWRhMmpuNk9EOVRfQ0gwNENpo2NpZNkgTW1JNW1KdVBUcHppYWVqdkZDR2RWYnNyd2ZVM281aTI
Requested by
Host: customer.crown.com
URL: https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a818 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55c6c3aed913b1500d41039fda2df160f4ee6817a7874caf94ac24bdd441e3db
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
81b355ac8e0c88a3-LHR
content-language
en
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Tue, 24 Oct 2023 15:43:18 GMT
etag
W/"66dd-K5xWuUHaXYKkJGvqCujoiqYbOkg"
expires
Tue, 24 Oct 2023 15:43:18 GMT
ot-baggage-auth0-request-id
81b355ac8e0c88a3
ot-tracer-sampled
true
ot-tracer-spanid
03415d30281bcf23
ot-tracer-traceid
219d717545388f46
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
traceparent
00-0000000000000000219d717545388f46-03415d30281bcf23-01
tracestate
auth0-request-id=81b355ac8e0c88a3,auth0=true
vary
Accept-Encoding
x-auth0-requestid
50f35479f9596531dc7a
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1698162205
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
81b355aa8aea88a3-LHR
content-length
446
content-type
text/html; charset=utf-8
date
Tue, 24 Oct 2023 15:43:18 GMT
location
/u/login/identifier?state=hKFo2SBzLWdwT1F6eG9Lc1NTZHgtZm83ZnJnckdOZXhhWFF0UqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHlkaGtvVjB6V0RMYkNyeWRhMmpuNk9EOVRfQ0gwNENpo2NpZNkgTW1JNW1KdVBUcHppYWVqdkZDR2RWYnNyd2ZVM281aTI
ot-baggage-auth0-request-id
81b355aa8aea88a3
ot-tracer-sampled
true
ot-tracer-spanid
63af8fee5b343a10
ot-tracer-traceid
55efdb433fd5587b
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
traceparent
00-000000000000000055efdb433fd5587b-63af8fee5b343a10-01
tracestate
auth0-request-id=81b355aa8aea88a3,auth0=true
vary
Accept, Accept-Encoding
x-auth0-requestid
571d51a2f79fe588dd3f
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1698162199
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.81.1/css/ 		253 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/ulp/react-components/1.81.1/css/main.cdn.min.css
Requested by
Host: accounts.us.crown.com
URL: https://accounts.us.crown.com/u/login/identifier?state=hKFo2SBzLWdwT1F6eG9Lc1NTZHgtZm83ZnJnckdOZXhhWFF0UqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHlkaGtvVjB6V0RMYkNyeWRhMmpuNk9EOVRfQ0gwNENpo2NpZNkgTW1JNW1KdVBUcHppYWVqdkZDR2RWYnNyd2ZVM281aTI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54589fa16bab8771ad5212c4efd682263014c4f1908321e44e056d69b4485f55
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
i9AEqiM6G0Y6gXDTQVE0gk8PKO_c5crK
content-encoding
gzip
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 03:14:04 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
45729
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Thu, 05 Oct 2023 20:41:52 GMT
server
AmazonS3
etag
W/"158f73453e261458d2d75df098f29ac5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2628000,public
x-robots-tag
noindex
x-amz-cf-id
RLmjNCiaf-I4StyoynoyxsyYp9oHUrQRZ33Rua9H4jFJzAGWgj3bBA==
crown-gray.svg
www.crown.com/content/dam/crown/iam/ui/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.crown.com/content/dam/crown/iam/ui/crown-gray.svg
Requested by
Host: accounts.us.crown.com
URL: https://accounts.us.crown.com/u/login/identifier?state=hKFo2SBzLWdwT1F6eG9Lc1NTZHgtZm83ZnJnckdOZXhhWFF0UqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHlkaGtvVjB6V0RMYkNyeWRhMmpuNk9EOVRfQ0gwNENpo2NpZNkgTW1JNW1KdVBUcHppYWVqdkZDR2RWYnNyd2ZVM281aTI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.158.69.70 Munich, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
Apache /
Resource Hash
e71e55731841cfb656971160044dc49ea4055765a38279bc69c14c3238b201e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 15:43:19 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Mar 2023 17:11:20 GMT
Server
Apache
Age
5180727
ETag
"577-5f65280127e00"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Access-Control-Allow-Origin
https://shop.crown.com
Content-Disposition
attachment; filename="crown-gray.svg"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1399
myriadpr-webfont.woff
framella.com/kitt/webfonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://framella.com/kitt/webfonts/myriadpr-webfont.woff
Requested by
Host: accounts.us.crown.com
URL: https://accounts.us.crown.com/u/login/identifier?state=hKFo2SBzLWdwT1F6eG9Lc1NTZHgtZm83ZnJnckdOZXhhWFF0UqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHlkaGtvVjB6V0RMYkNyeWRhMmpuNk9EOVRfQ0gwNENpo2NpZNkgTW1JNW1KdVBUcHppYWVqdkZDR2RWYnNyd2ZVM281aTI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d138e333ed7fb8e4685b1416ef35cd87c541af3570b9f9c3bb4d79259448c45

Request headers

Referer
https://accounts.us.crown.com/
Origin
https://accounts.us.crown.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 15:43:19 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2019 15:56:01 GMT
server
cloudflare
age
115614
etag
"5d275c11-6ce4"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
81b355b14e0d068f-LHR
alt-svc
h3=":443"; ma=86400
content-length
27876

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getContactUsLink

8 Cookies

Domain/Path Name / Value
customer.crown.com/sso Name: DISSESSION
Value: a01c4951-1885-446c-b6f2-86bf2a50fb06
customer.crown.com/ Name: JSESSIONID
Value: 9C4DC8B6AE7633AE5A99335B3FA57F2F.corp384b-worker1
customer.crown.com/ Name: GUEST_LANGUAGE_ID
Value: en_GB
customer.crown.com/ Name: COOKIE_SUPPORT
Value: true
accounts.us.crown.com/ Name: did
Value: s%3Av0%3A0d83e020-7284-11ee-9f56-0b1a1e6ea446.9v98d0qdZOV79tCC%2B75%2B8Te2kIJVsVg1We5RleVbUaI
accounts.us.crown.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQIniXChu_EEUfpM2BCz_ZrttgDn9kIgBzwJyxSEVkBKaBbeiyrZ06-hdH7oMCYF3WVfDuXKkZizbjJ3W76BXDh2mY29va2llg6dleHBpcmVz1_9Z4kEAZTvalq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.jxSsIhk5xMQU3ya26TKXv0r8o6ppOHi4KWk2%2BgRo3O8
accounts.us.crown.com/ Name: did_compat
Value: s%3Av0%3A0d83e020-7284-11ee-9f56-0b1a1e6ea446.9v98d0qdZOV79tCC%2B75%2B8Te2kIJVsVg1We5RleVbUaI
accounts.us.crown.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQIniXChu_EEUfpM2BCz_ZrttgDn9kIgBzwJyxSEVkBKaBbeiyrZ06-hdH7oMCYF3WVfDuXKkZizbjJ3W76BXDh2mY29va2llg6dleHBpcmVz1_9Z4kEAZTvalq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.jxSsIhk5xMQU3ya26TKXv0r8o6ppOHi4KWk2%2BgRo3O8

2 Console Messages

Source Level URL
Text
network error URL: https://customer.crown.com/sso/js/material.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://customer.crown.com/sso/login?service=https%3A%2F%2Fcustomer.crown.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252F%26p_l_id%3D2433906
Message:
Refused to execute script from 'https://customer.crown.com/sso/js/material.js' because its MIME type ('application/vnd.cas.services+yaml') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=63072000 max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block